Security under key-dependent inputs
Proceedings of the 14th ACM conference on Computer and communications security
In this work we re-visit the question of building cryptographic primitives that remain secure even when queried on inputs that depend on the secret key. This was investigated by Black, Rogaway, and Shrimpton in the context of randomized encryption schemes and in the random oracle model. We extend the investigation to deterministic symmetric schemes (such as PRFs and block ciphers) and to the standard model. We term this notion "security against key-dependent-input attack", or KDI-security for short. Our motivation for studying KDI security is the existence of significant real-world implementations of deterministic encryption (in the context of storage encryption) that actually rely on their building blocks to be KDI secure. We consider many natural constructions for PRFs, ciphers, tweakable ciphers and randomized encryption, and examine them with respect to their KDI security. We exhibit inherent limitations of this notion and show many natural constructions that fail to be KDI secure in the standard model, including some schemes that have been proven in the random oracle model. On the positive side, we demonstrate examples where some measure of KDI security can be provably achieved (in particular, we show such examples in the standard model).